Unfortunately this also makes recursive push a pain because authenticating to https URLs is awkward.

For the moment I don't plan to make any changes - at this stage in the project's development, anyone cloning the repo is probably going to be doing development and pushing patches back, so likely already registered with github. I'd rather optimize the current state of the project for easy development than easy non-developer cloning.

Once we get to the point of a stable release there will be tarballs with all of the submodules integrated that can be downloaded anonymously. The only reason to clone the repo once we have a release is to do development, so requiring a github login to do that isn't a big deal. If somebody really doesn't want to authenticate to github I guess they could clone each module over HTTPS manually and patch the gitmodules file, but that seems like a lot of work for a pretty rare problem.

let's close this issue which is not really an issue in fact

I believe the correct solution to this problem is to use relative URLs so that the sub modules would use whatever method was originally used for the clone base repo.

From: https://git-scm.com/docs/git-submodule

" is the URL of the new submodule’s origin repository. This may be either an absolute URL, or (if it begins with ./ or ../), the location relative to the superproject’s default remote repository "